/**
 * Created by arno
 */

var authRoute = require("./auth");
var home = require("./home");
var setting = require("./setting");
var user = require("./user");
var permiss = require("./permiss");
var Token = require("../util/token");
var permissionsModel = require("../model/permissions");
let permissionsObj = {};
var userModel = require("../model/user");
module.exports = function (app) {
  app.use("/api", authRoute);
  app.use("/api", permiss);
  app.use("/api", async function (req, res, next) {
    let token = req.headers.token;
    if (token && Token.checkToken(token)) {
      let userObj = Token.decodeToken(token);
      var data = await userModel
        .getByName(userObj.payload.data.uname)
        .catch((d) => {
          res.json({
            code: 0,
            msg: d.sqlMessage,
          });
        });
      let userPer = JSON.parse(data.content);
      var permissionsList = await permissionsModel.listAndType(1);
      permissionsList.forEach((item) => {
        permissionsObj[item.api] = item.id;
      });
      if (userPer.indexOf(permissionsObj[req.path]) !== -1) {
        req.userObj = userObj.payload.data;
        // console.log(req.path);
        next();
      } else {
        res.json({
          code: 0,
          msg: "嘿！这不是你可以动的哦。你没有权限",
        });
      }
    } else {
      res.json({
        code: 0,
        errorCode: 1,
        msg: "not login",
      });
    }
  });
  app.use("/api", home);
  app.use("/api", setting);
  app.use("/api", user);
};
